NovusBogus wrote: One thing you could do if you just really want more than single-password encryption is look into TrueCrypt's hidden volume feature, where you can have an encrypted file/drive/whatever whose empty-space 'noise' is actually a second drive and which one you get when you mount the drive depends on which of two passwords you feed TrueCrypt. The idea is that you can load the outer volume with things that are embarrassing or socially deviant but not (or less) illegal in your jurisdiction so that if/when you are forced to reveal the password you can convincingly say that this is what you have. The crypto is never the weak point so plausible deniability is infinitely more useful than fretting about fancypants algorithms.

Another thing you could look at depending on how much data you've got is an enterprise-class secure USB stick with a hardware-based security system. I have a 4GB Lexar drive (sadly discontinued it seems) that bricks itself after five incorrect attempts, it's not very big but great for passwords and financial stuff. Obviously you need to be triply careful to remember the PW with one of these since you can't just guess until you get the right one.

TrueCrypt Hidden volume sounds good but wouldn't professional crackers already be able to detect such a volume?

Hardware based USB stick is also a very good solution but I came across the following news that it was cracked too.

Whether they'd look around for more after being provided the false key is debatable, but if they do you're just screwed anyway. Again, the crypto isn't the weak link in the chain, ever. You are the weak link, and to a lesser extent your hardware (i.e. those drives in that linked article...the crypto wasn't 'broken' the chip was short-circuited, they did a recall and nothing heard about it since). Making the hidden volume work, like most cloak and dagger stuff, is largely dependent on your ability to sell it in the interrogation room.

The key is just to get something that makes it reasonably difficult, and covers your tracks as much as possible. Crypto nerds have written long mega-essays about encryption as it relates to game theory and computer science but they all assume that the adversary is a crypto nerd like them who thinks in terms of cracking your algorithm with their algorithm and generally 'plays by the rules' per polite academic discourse. But the adversary is never a crypto nerd, the adversary is a cop (or black hat wearing equivalent) and sound real-world security comes from thinking like a cop, not a crypto nerd. A crypto nerd would never say "I have your wife, now give me the #$%^ing code!" but that's exactly what would happen in the real world with anyone who cared enough to break anything more than very simple encryption to get at your stuff. The beauty of setting up a hidden volume per the rules set up on TC is that if you're compromised you at least have a chance to convincingly sell the cops on your freaky gerbil fetish, they'll have a good laugh and send you on your way. I personally don't bother with it since I don't live in a police state and don't traffic in genuinely sensitive data, though I do use the basic TC encrypted volume files for a few things out of convenience and basic security protocol.

What we're saying is that this is not the guy you need to worry about.

He's too busy looking at pr0n to really care about anything that can't be broken open with a simple shell script.

It's not even these guys, unless your first name is Bank and your last name is Of America.

The one you need to worry about is this guy.

He bench-presses four crypto nerds at a time, thinks AES is part of his government-issued steroid regimen, and is just aching to spill some spinal fluid this afternoon. He does not give one damn about what electronic tomfoolery the silly peasant thinks will keep him from his mission, and if he shows up on your doorstep it does not matter what you're using. Period. The best you can hope for is to destroy the data or feed him a convincing narrative to make him go away, otherwise he will get what he came for. And if the adversary wants your data badly enough to hit it with their computer for more than a few minutes they're gonna dispense with the foreplay and send this guy.

Again, we're not trying to come down hard or scare you or anything, just to reinforce the disconnect between security whitepapers and what goes down in the real world because it's a pretty wide gulf and 95% of the stuff written about it on the internet is BS. Not directly related, but discussions like this remind me of a great Defcon talk by a pen-tester in which he shows how easily he can get into some of the most secure facilities in the world by thinking like a bad guy and not playing by the rules. It's a bit long, but glorious.

Yup, it pretty much comes down to that xkcd cartoon linked a few posts back. The best humor is humor that hits just a little too close to the mark, and the xkcd encryption strip is a bulls eye.

Unless the data you're dealing with is valuable, sensitive, or illegal enough that there's a real possibility that armed thugs will show up at your house to beat the passphrase out of you, or that you could do jail time if the data was decrypted by the authorities, worrying about things like hidden volumes and double encryption is like worrying about whether your toenails are properly trimmed while your house burns down around you.

The years just pass like trains. I wave, but they don't slow down. -- Steven Wilson

just brew it! wrote: Yup, it pretty much comes down to that xkcd cartoon linked a few posts back. The best humor is humor that hits just a little too close to the mark, and the xkcd encryption strip is a bulls eye.

A cartoon push-pinned to the outside cube wall of our dedicated IT examiner (I do some, but it's all he does).

Though I still want to build the cluster.

He has erected a multitude of New Offices, and sent hither swarms of Officers to harass our people and eat out their substance.

There is another kind of people to worry about, but it is still about the people side of the whole thing that is the attack vector. Your other party that you are sending that encrypted HDD. Your adversary may be armed with enough cash or other incentives to get your other party to sell/give up the information voluntarily anyway.

Again, there is almost no unbreakable encryption algorithm + system (think Mission: Impossible, even a semi-closed system you just need a fly on the wall to take pictures of the screen and your whole system is defeated). And even if there is, your information can still be retrieved if the adversary is determined enough. If you really want your information to be 100% secure then you may as well stop thinking about sharing that information at all and keep it to yourself. And to really stop other people from getting the information from you the originator, what I said before about vapourizing your brain cells may be the only 100% way (let's ignore the fact that space-time travel may be possible in the future and then you should not even generate the information in the first place).

The Model M is not for the faint of heart. You either like them or hate them.

He bench-presses four crypto nerds at a time, thinks AES is part of his government-issued steroid regimen, and is just aching to spill some spinal fluid this afternoon.

It makes for a great joke, but even that's a little dramatic. It is a problem, and more crypto software should come with a self-destruct mechanism and a dead-man-switch. However, sending some goons or people disappearing is rather conspicuous. If you're worried about goons, get a firearm, and become proficient with it in a combat situation, become proficient with some self-defense technique, and make sure they can't find you in the first place by obfuscating your tracks.

The best attack is one where the target doesn't know it's been attacked. It's like a parasite. It's best if the host doesn't know it's there.

Flatland_Spider wrote: It makes for a great joke, but even that's a little dramatic. It is a problem, and more crypto software should come with a self-destruct mechanism and a dead-man-switch. However, sending some goons or people disappearing is rather conspicuous. If you're worried about goons, get a firearm, and become proficient with it in a combat situation, become proficient with some self-defense technique, and make sure they can't find you in the first place by obfuscating your tracks.

The best attack is one where the target doesn't know it's been attacked. It's like a parasite. It's best if the host doesn't know it's there.

Now if that is a possibility at all, which in big parts of this world it ain't, because in many places that makes you the goon and it's illegal. Not to mention that the goons would probably top you no matter what you got, and they probably would have more experience using them on people at that.

Although at this point the question has become pretty much semantics, because anybody not having access to big funds, an armored car and people that protect data for a living should be nowhere near data that would have a chance to elicit any of said actions from either party.

Krogoth wrote: I feel that the primary purpose of data encryption is to keep honest people, honest. It will not stop a determined group or individual from obtaining your data or at least destroying the data (denial of service) and if you are paranoid enough you will probably have no back-ups.

Unless you have state and trade secrets on hand. You shouldn't have to go to great lengths to protect and encrypt your data. The vast majority can get by with standard encryption schemes and suites to protect their personal information as long as you deal with parties that you can trust. Don't deal with shady emails and groups (phishing schemes).

Physical security is the final and most important layer of defence. It doesn't matter how good your encryption scheme is. An attacker who has sufficient motivation will circumvent the encryption or destroy the data out of spite.

I agree with you that encryption keeps honest people honest. But to state that it would not keep a determined group/individual from obtaining data or destroying data is incorrect IMHO. Consider the standard AES is used on many websites and in many applications, and I'm sure many people would be determined to get a lot of that data if they could, but they know attacking the AES is not feasible. Used properly and well implemented, encryption in general favors the defender - otherwise it wouldn't be used and the internet itself would likely not be as friendly to shopping, banking, and transmitting sensitive info.

Because the vast majority of the information transmitted online is not worth the time, energy and risk to decrypt. They would rather have the victims hand them the proverbial keys (loggers, phishing schemes and trojans) than attempt to do a direct attack.

If the attacker has a chip on their shoulders or personal vendetta they will find a way around most online encryption schemes or even go far enough to use brute force.

In a way, obscurity and anonymity is the average user's best protection. As long as you don't disclose too much information, the chances of getting in the crosshairs of an attack are reduced.

Krogoth wrote: Because the vast majority of the information transmitted online is not worth the time, energy and risk to decrypt.

That's the exact purpose of encryption, to make the cost of decryption (greatly) exceed the value of the encrypted information. Average users aren't relying on obscurity and anonymity at all; they are relying on criminals making a reasonable cost-benefit analysis.

Aphasia wrote: Now if that is a possibility at all, which in big parts of this world it ain't, because in many places that makes you the goon and it's illegal. Not to mention that the goons would probably top you no matter what you got, and they probably would have more experience using them on people at that.

That's too bad; firearms are a great equalizer. Discussing firearm ownership more is probably R&P fodder, so I'll leave it at this.

You're giving criminals too much credit. Common thugs aren't smart, and they don't spend lots of time practicing. Professionals are a different story.

Grenades, rocket launchers, machine guns, and tanks are outlandish, silly, and conspicuous. Here in the US at least, goons and people are pretty evenly matched. Of course, a firefight would draw lots of unwanted attention.

Although at this point the question has become pretty much semantics, because anybody not having access to big funds, an armored car and people that protect data for a living should be nowhere near data that would have a chance to elicit any of said actions from either party.

Exactly. For most people, SSN, credit card numbers, and passwords are the most sensitive pieces of information they have. At the point where people need paramilitary training for personal security, they are probably part of a larger organization that will deter direct attacks.

A lot of this depends not only on what you're sending and what it's worth, but also on who knows what you're sending and what it's worth. While it's true that a truly smart and determined group of data thieves are going to put most of their efforts into you (or the person you're sending the data to) rather than against the encryption; all of that is based on the notion that a smart and determined group is actually out there looking for your data.

If you believe that this is the case, then posting on a public forum was probably a bad way to start.

In reality, except for a few special cases, most of the security work boils down to a cost-benefit analysis. The thing is that even though risks exist, most companies that employ at least bare-bones security at least actively decide to either do something about a risk, or just accept it, and the potential loss should it pan out, because of costs/benefits. The big point in all this is that they actually looked at the risk and took a decision about it.

The special cases, on the other hand, are cases where keeping things secret is paramount and a requirement of the business. Then funds are "unlimited" in the sense that they either implement the processes or just don't have a company. Most uses of this would be organizations that handle and sell financial or security services. Companies with PCI-DSS compliance, public CAs, etc. Don't know enough about HIPAA to say if healthcare services would fall under the same umbrella.

There are a ton of risks and ways to lose data today, and when using proven encryption and best practices for choosing keys, somebody brute-forcing your encryption is the smallest problem of them all.

As for the side-track....

Flatland_Spider wrote: That's too bad; firearms are a great equalizer. Discussing firearm ownership more is probably R&P fodder, so I'll leave it at this.

You're giving criminals too much credit. Common thugs aren't smart, and they don't spend lots of time practicing. Professionals are a different story.

And if the data is worth so much fuss, I guess common thugs didn't know about it.

I won't dig this into a great discussion about the relative merits with the R&P view in mind; I'm sure there are already a few of them in the R&P forum. Although I don't necessarily agree with you in some respects considering statistics about firearms, I do wish things in certain ways were a bit looser around here, mostly because I love shooting at the range. It's kind of silly that if I take a hunter's exam and pass it, which for all purposes requires me reading a couple of books, doing a written test and a shooting exam, they assume I have a need for up to four rifles with an option on two extras, but if I want to have a pistol or any gun for target shooting without a hunting exam, it requires a period of 6 months' active membership in an approved club that uses the type of weapon I want a license for before I can apply for one. And then many only get a license for a .22 until another 6 months. Regulation and licensing also includes airguns over a certain muzzle-energy and crossbows. Low-power airguns and normal compound and recurve bows are unregulated though. Which is why I managed to do a few years as an archery instructor.

The bad thing is, if you don't want to go the legal way, it's very easy to get a gun, but doing it the right way, is a very tedious process.